Search Results
|
Post |
Author |
Forum
[desc]
|
Replies |
Views |
Posted |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
$ git clone https://github.com/aircrack-ng/rtl8812au
$ cd rtl8812au
$ make
$ sudo insmod 88XXau.ko
The plug in the adapter and run hcxdumptool.
This is not persistent. If you need it persistent... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
09-18-2019, 12:06 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
We have 2 issues that can cause your trouble:
You choose the wrong version (only 5.2.20 is working - $ git branch will show you this):
https://github.com/aircrack-ng/rtl8812au/issues/376#issue-455... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
09-18-2019, 08:10 AM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
You're running an old version. Please pull latest git commit.
Filter lists are only used in the transmission branch. Using a filter list means, that we run active attacks against the entries (filterm... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
08-21-2018, 10:22 AM |
|
|
Thread: Keyspace List for WPA on Default Routers
Post: RE: Keyspace List for WPA on Default Routers
Hi soxrok2212.
Did a quick binwalk, unsquashfs and radare2 on some files and noticed that the values are retrieved from the board:
ls /sys/module/board/parameters/*.*
or by debugsys --info
squas... |
|
ZerBea |
User Contributions
|
182 |
305,383 |
08-24-2018, 01:33 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Pushed a small update hcxdumptool. From now on we parse SAE completely:
[10:10:20 - 005] c83a35000002 -> c83a35000001 [AUTHENTICATION, SAE COMMIT, STATUS 0, SEQUENCE 304]
[10:10:20 - 005] c83a3500... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
08-26-2018, 10:23 AM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi sl0badob
That is correct. An access point is detected to be in our range, if he responds to our request using his ESSID. We are not able to associate to an access point without this information. A... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
08-26-2018, 03:59 PM |
|
|
Thread: Empty PMKID file generated by hcxpcaptool
Post: RE: Empty PMKID file generated by hcxpcaptool
Ok, that is a good reason. And running hcxdumptool through a VM isn't a good idea:
https://github.com/aircrack-ng/rtl8812au/issues/376#issuecomment-529123578 |
|
ZerBea |
User Contributions
|
3 |
3,104 |
09-19-2019, 11:50 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
No, there is no easy way to retrieve the WPS pin and nearly all up to date router models are hardened against pixie dust.
You can try hydra if you have access to the network:
https://github.com/van... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
10-19-2019, 08:16 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi dizcza.
hcapcaptool -o option will convert pcapng files to hccapx format (not to pcapng) and append the result to an existing hccapx file.
The command you're looking for (merging pcapng files... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
08-27-2018, 02:23 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi ssswanil.
To answer your question, we need some more informations.
1) Do you run latest commit?
If not, please update!
2) Does your driver support full (injection is working!) monitor mode?
... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
08-28-2018, 09:04 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Added iw functionality to hcxdumptool.
From now on hcxdumptool will set monitor mode and restore old interface settings when terminated. You do not need to run iw, ip, iwconfig, ifconfig any longer.
... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
08-30-2018, 10:53 AM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Hi Mem5.
Yes, hcxdumptool sends a few deauthentication messages. That's true.
But hcxdumptool also sends a disassociation after it has received an EAPOL 4/4 (M4) with reason code: WLAN_REASON_DISASS... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
08-31-2018, 12:07 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
I decided to add "raw" NMEA support, because I noticed that, if you use GPSD and GPSD hangs, hcxdumptool will hang too.
On the other side, NMEA sentences can be converted to every format, by GPSBabe... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
12-27-2019, 11:04 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi wakawaka
We can control the transmission branch, because we send only a few packets.
But we are not able to control the receiving branch. If we are in range of hundreds of access points and hundr... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
09-02-2018, 09:44 AM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi slyexe.
Do you you use the latest commit? I did a complete refactoring. The Raspberry PI A+, B+ is able to handle 4096 access points and/or 4096 clients simultaneously in a very fast way.
"This t... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
09-05-2018, 10:13 AM |
|
|
Thread: hcdumptool + airodump-ng auto script
Post: RE: hcdumptool + airodump-ng auto script
Why do you change the mac_address, every 60 seconds? There is no need to do this.
hcxdumptool use it's own random generated mac_address_space and will ignore your changes. You only waste CPU time.
... |
|
ZerBea |
User Contributions
|
1 |
3,757 |
09-07-2018, 02:40 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Nice to hear that.
Please try the new hasline, too (latest git head on all tools -option 22000):
hcxdumptool -> hcxpcangtool -o new.22000 -> hashcat -m 22000 new.22000 wordlist
It works like a cha... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
12-28-2019, 01:14 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
It is not mandatory for hashcat and hcxtools/hcxdumptool.
Explained here:
https://wpa-sec.stanev.org/ |
|
ZerBea |
User Contributions
|
648 |
487,246 |
01-04-2020, 03:39 PM |
|
|
Thread: hcxtools - solution for capturing wlan traffic and conversion to hashcat formats
Post: RE: hcxtools - solution for capturing wlan traffic...
Old hashcat is very, very limited regarding WPA. Additional we can have several issues within the conversion process (e.g. handshake is outside default nonce-error-correction of hcxpcaptool).
You can... |
|
ZerBea |
User Contributions
|
648 |
487,246 |
01-06-2020, 10:11 PM |
|
|
Thread: New attack on WPA/WPA2 using PMKID
Post: RE: New attack on WPA/WPA2 using PMKID
Hi Superninja
wlan0mon is a typical logical interface type, created by airmon-ng for broadcom devices.
Do you use a broadcom interface?
read more here:
"You are using the Broadcom STA (wl) off... |
|
ZerBea |
User Contributions
|
187 |
1,293,324 |
09-18-2018, 06:37 PM |